Installation of v2 fails to start on Windows 10 due to SmartScreen

Question

Installation of v2 fails to start on Windows 10 due to SmartScreen

IndefiniteBen opened this issue 5 months ago · comments

Consent

I verified that there is no open/closed issue for the same subject.
I understand that YTMDesktop have NO affiliation with Google or YouTube

Current Behavior

I download the v2 release and open it, expecting the installation to start, but it is blocked by Microsoft Defender SmartScreen.
I do not have the option to "run anyway", possibly because this machine is managed by company IT.

Windows protected your PC

Microsoft Defender SmartScreen prevented an unrecognised app from starting. Running this app might put your PC at risk.
Application: YouTube-Music-Desktop-App-2.0.0-Setup.exe
Publisher: Unknown publisher

Expected Behavior

The installation should run without triggering SmartScreen.

I think this will be resolved when enough users with the option to "run anyway" do so, without issue?

Steps To Reproduce

Download YTM v2 from releases
Try installation on a Windows machine with Microsoft Defender active.

YTMDesktop

v2.0.0

OS

Windows

OS Version

10

Arch

x64

Installation way

.exe

Anything else?

I submitted the downloaded file to Microsoft Malware analysis and it was marked as clean. According to this stackoverflow answer that should help.

A-Matt · Answer 1 · Tue Jan 30 2024 19:54:33 GMT+0800 (China Standard Time)

This is because the file is unsigned.
This is a problem which EVERY application will have, but it will only be removed until a significant number of people have downloaded and installed it. (This is why v1.13 stopped showing it as it was opened SO MANY TIMES)

Selecting More Info you are still given the opportunity to Run anyway

The build made is FROM GitHub Actions and not uploaded manually from a member of the team. So what you see is what you get.
Putting it through Virus Total: https://www.virustotal.com/gui/file/f4c4aea0b46caeb517cab34bbc5ef1c5b8bbe7699cc747cfddba16f5b7b5ff2a/behavior

The sandbox C2AE flags this file as: STEALER

This is likely for the v1 Config migration we have~
1 of the 70 places detected it, and it's just Trojan Generic from Rising which is a false positive (which most applications get one of here and there)

Ben Pyman · Answer 2 · Tue Jan 30 2024 21:30:16 GMT+0800 (China Standard Time)

Hey, thanks for your response.
I am aware of the More info > run anyway workaround, but for whatever reason it is not available for me (this is a Intune managed PC so some settings are locked down).

I also tested the exe in https://opentip.kaspersky.com/ which gave a clean result. I don't think it's malicious, but checking it with the MS Malware analysis might make the warning disappear sooner?

Ben Pyman · Answer 3 · Tue Jan 30 2024 21:33:00 GMT+0800 (China Standard Time)

In any case, I found another workaround (somewhat shown in the stackoverflow question) which removes the warning pop-up.

Open the exe properties (right click on file>properties) and you see a security warning:

Simply check the "Unblock" box, apply it and then it installs without any SmartScreen warning.